sqlite: NULL Pointer Dereference (CVE-2018-8740)
In SQLite through 3.22.0, databases whose schema is corrupted using a
CREATE TABLE AS statement
could cause a NULL pointer dereference, related to build.c and
prepare.c.
References:
http://openwall.com/lists/oss-security/2018/03/17/1
https://nvd.nist.gov/vuln/detail/CVE-2018-8740
Patch:
https://www.sqlite.org/cgi/src/vdiff?from=1774f1c3baf0bc3d&to=d75e67654aa9620b
(from redmine: issue id 8680, created on 2018-03-19, closed on 2018-07-30)
- Relations:
- copied_to #8681 (closed)
- copied_to #8682 (closed)
- copied_to #8683 (closed)
- copied_to #8684 (closed)
- copied_to #8685 (closed)
- child #8681 (closed)
- child #8682 (closed)
- child #8683 (closed)
- child #8684 (closed)
- child #8685 (closed)